Example 1 with ClientsResource
use of org.keycloak.admin.client.resource.ClientsResource in project openremote by openremote.
the class ManagerKeycloakIdentityProvider method updateRoles.
@Override
public void updateRoles(ClientRequestInfo clientRequestInfo, String realm, String userId, Role[] roles) {
RoleMappingResource roleMappingResource = getRealms(clientRequestInfo).realm(realm).users().get(userId).roles();
ClientsResource clientsResource = getRealms(clientRequestInfo).realm(realm).clients();
String clientId = clientsResource.findByClientId(KEYCLOAK_CLIENT_ID).get(0).getId();
List<RoleRepresentation> rolesToAdd = new ArrayList<>();
List<RoleRepresentation> rolesToRemove = new ArrayList<>();
for (Role role : roles) {
RoleRepresentation roleRepresentation = new RoleRepresentation();
roleRepresentation.setId(role.getId());
roleRepresentation.setName(role.getName());
if (role.isAssigned()) {
rolesToAdd.add(roleRepresentation);
} else {
rolesToRemove.add(roleRepresentation);
}
}
roleMappingResource.clientLevel(clientId).add(rolesToAdd);
roleMappingResource.clientLevel(clientId).remove(rolesToRemove);
}
Also used :
ClientsResource(org.keycloak.admin.client.resource.ClientsResource)
ArrayList(java.util.ArrayList)
RoleMappingResource(org.keycloak.admin.client.resource.RoleMappingResource)
Example 2 with ClientsResource
use of org.keycloak.admin.client.resource.ClientsResource in project openremote by openremote.
the class ManagerKeycloakIdentityProvider method createClientApplication.
public void createClientApplication(ClientRequestInfo clientRequestInfo, String realm) {
ClientsResource clientsResource = getRealms(clientRequestInfo).realm(realm).clients();
ClientRepresentation client = createClientApplication(realm, KEYCLOAK_CLIENT_ID, "OpenRemote", devMode);
clientsResource.create(client);
client = clientsResource.findByClientId(client.getClientId()).get(0);
ClientResource clientResource = clientsResource.get(client.getId());
addDefaultRoles(clientResource.roles());
}
Also used :
ClientsResource(org.keycloak.admin.client.resource.ClientsResource)
ClientResource(org.keycloak.admin.client.resource.ClientResource)
Example 3 with ClientsResource
use of org.keycloak.admin.client.resource.ClientsResource in project openremote by openremote.
the class ManagerKeycloakIdentityProvider method getRoles.
@Override
public Role[] getRoles(ClientRequestInfo clientRequestInfo, String realm, String userId) {
RoleMappingResource roleMappingResource = getRealms(clientRequestInfo).realm(realm).users().get(userId).roles();
ClientsResource clientsResource = getRealms(clientRequestInfo).realm(realm).clients();
String clientId = clientsResource.findByClientId(KEYCLOAK_CLIENT_ID).get(0).getId();
RolesResource rolesResource = clientsResource.get(clientId).roles();
List<RoleRepresentation> allRoles = rolesResource.list();
List<RoleRepresentation> effectiveRoles = roleMappingResource.clientLevel(clientId).listEffective();
List<Role> roles = new ArrayList<>();
for (RoleRepresentation roleRepresentation : allRoles) {
boolean isAssigned = false;
for (RoleRepresentation effectiveRole : effectiveRoles) {
if (effectiveRole.getId().equals(roleRepresentation.getId()))
isAssigned = true;
}
roles.add(new Role(roleRepresentation.getId(), roleRepresentation.getName(), roleRepresentation.isComposite(), isAssigned));
}
return roles.toArray(new Role[roles.size()]);
}
Also used :
ClientsResource(org.keycloak.admin.client.resource.ClientsResource)
ArrayList(java.util.ArrayList)
RolesResource(org.keycloak.admin.client.resource.RolesResource)
RoleMappingResource(org.keycloak.admin.client.resource.RoleMappingResource)
Example 4 with ClientsResource
use of org.keycloak.admin.client.resource.ClientsResource in project openremote by openremote.
the class KeycloakDemoSetup method onStart.
@Override
public void onStart() throws Exception {
super.onStart();
// Tenants
masterTenant = identityService.getIdentityProvider().getTenantForRealm(Constants.MASTER_REALM);
Tenant customerA = new Tenant();
customerA.setRealm("customerA");
customerA.setDisplayName("Customer A");
customerA.setEnabled(true);
keycloakProvider.createTenant(new ClientRequestInfo(null, accessToken), customerA, emailConfig);
customerATenant = keycloakProvider.getTenantForRealm(customerA.getRealm());
Tenant customerB = new Tenant();
customerB.setRealm("customerB");
customerB.setDisplayName("Customer B");
customerB.setEnabled(true);
keycloakProvider.createTenant(new ClientRequestInfo(null, accessToken), customerB, emailConfig);
customerBTenant = keycloakProvider.getTenantForRealm(customerB.getRealm());
// Users
String masterClientObjectId = getClientObjectId(masterClientsResource);
RolesResource masterRolesResource = masterClientsResource.get(masterClientObjectId).roles();
UserRepresentation testuser1 = new UserRepresentation();
testuser1.setUsername("testuser1");
testuser1.setFirstName("Testuserfirst");
testuser1.setLastName("Testuserlast");
testuser1.setEnabled(true);
masterUsersResource.create(testuser1);
testuser1 = masterUsersResource.search("testuser1", null, null, null, null, null).get(0);
this.testuser1Id = testuser1.getId();
CredentialRepresentation testuser1Credentials = new CredentialRepresentation();
testuser1Credentials.setType("password");
testuser1Credentials.setValue("testuser1");
testuser1Credentials.setTemporary(false);
masterUsersResource.get(testuser1.getId()).resetPassword(testuser1Credentials);
masterUsersResource.get(testuser1.getId()).roles().clientLevel(masterClientObjectId).add(Arrays.asList(masterRolesResource.get(ClientRole.WRITE_USER.getValue()).toRepresentation(), masterRolesResource.get(ClientRole.READ_MAP.getValue()).toRepresentation(), masterRolesResource.get(ClientRole.READ_ASSETS.getValue()).toRepresentation(), masterRolesResource.get(ClientRole.READ_RULES.getValue()).toRepresentation(), masterRolesResource.get(ClientRole.WRITE_ASSETS.getValue()).toRepresentation(), masterRolesResource.get(ClientRole.WRITE_RULES.getValue()).toRepresentation()));
LOG.info("Added demo user '" + testuser1.getUsername() + "' with password '" + testuser1Credentials.getValue() + "'");
UsersResource customerAUsersResource = keycloakProvider.getRealms(accessToken).realm("customerA").users();
ClientsResource customerAClientsResource = keycloakProvider.getRealms(accessToken).realm("customerA").clients();
String customerAClientObjectId = getClientObjectId(customerAClientsResource);
RolesResource customerARolesResource = customerAClientsResource.get(customerAClientObjectId).roles();
UserRepresentation testuser2 = new UserRepresentation();
testuser2.setUsername("testuser2");
testuser2.setFirstName("Testuserfirst");
testuser2.setLastName("Testuserlast");
testuser2.setEnabled(true);
customerAUsersResource.create(testuser2);
testuser2 = customerAUsersResource.search("testuser2", null, null, null, null, null).get(0);
this.testuser2Id = testuser2.getId();
CredentialRepresentation testuser2Credentials = new CredentialRepresentation();
testuser2Credentials.setType("password");
testuser2Credentials.setValue("testuser2");
testuser2Credentials.setTemporary(false);
customerAUsersResource.get(testuser2.getId()).resetPassword(testuser2Credentials);
customerAUsersResource.get(testuser2.getId()).roles().clientLevel(customerAClientObjectId).add(Arrays.asList(customerARolesResource.get(ClientRole.WRITE_USER.getValue()).toRepresentation(), customerARolesResource.get(ClientRole.READ_MAP.getValue()).toRepresentation(), customerARolesResource.get(ClientRole.READ_ASSETS.getValue()).toRepresentation()));
LOG.info("Added demo user '" + testuser2.getUsername() + "' with password '" + testuser2Credentials.getValue() + "'");
UserRepresentation testuser3 = new UserRepresentation();
testuser3.setUsername("testuser3");
testuser3.setFirstName("Testuserfirst");
testuser3.setLastName("Testuserlast");
testuser3.setEnabled(true);
customerAUsersResource.create(testuser3);
testuser3 = customerAUsersResource.search("testuser3", null, null, null, null, null).get(0);
this.testuser3Id = testuser3.getId();
CredentialRepresentation testuser3Credentials = new CredentialRepresentation();
testuser3Credentials.setType("password");
testuser3Credentials.setValue("testuser3");
testuser3Credentials.setTemporary(false);
customerAUsersResource.get(testuser3.getId()).resetPassword(testuser3Credentials);
customerAUsersResource.get(testuser3.getId()).roles().clientLevel(customerAClientObjectId).add(Arrays.asList(customerARolesResource.get(ClientRole.WRITE_USER.getValue()).toRepresentation(), customerARolesResource.get(ClientRole.READ_MAP.getValue()).toRepresentation(), customerARolesResource.get(ClientRole.READ_ASSETS.getValue()).toRepresentation(), customerARolesResource.get(ClientRole.WRITE_RULES.getValue()).toRepresentation(), customerARolesResource.get(ClientRole.WRITE_ASSETS.getValue()).toRepresentation(), customerARolesResource.get(ClientRole.READ_RULES.getValue()).toRepresentation()));
LOG.info("Added demo user '" + testuser3.getUsername() + "' with password '" + testuser3Credentials.getValue() + "'");
}
Also used :
CredentialRepresentation(org.keycloak.representations.idm.CredentialRepresentation)
Tenant(org.openremote.model.security.Tenant)
UsersResource(org.keycloak.admin.client.resource.UsersResource)
ClientsResource(org.keycloak.admin.client.resource.ClientsResource)
ClientRequestInfo(org.openremote.container.web.ClientRequestInfo)
RolesResource(org.keycloak.admin.client.resource.RolesResource)
UserRepresentation(org.keycloak.representations.idm.UserRepresentation)
Aggregations
ClientsResource (org.keycloak.admin.client.resource.ClientsResource)4
ArrayList (java.util.ArrayList)2
RoleMappingResource (org.keycloak.admin.client.resource.RoleMappingResource)2
RolesResource (org.keycloak.admin.client.resource.RolesResource)2
ClientResource (org.keycloak.admin.client.resource.ClientResource)1
UsersResource (org.keycloak.admin.client.resource.UsersResource)1
CredentialRepresentation (org.keycloak.representations.idm.CredentialRepresentation)1
UserRepresentation (org.keycloak.representations.idm.UserRepresentation)1
ClientRequestInfo (org.openremote.container.web.ClientRequestInfo)1
Tenant (org.openremote.model.security.Tenant)1
